From: Donald Sharp Date: Mon, 24 Sep 2018 19:12:36 +0000 (-0400) Subject: pimd: Fix several address sanitizer issues X-Git-Tag: frr-7.1-dev~329^2 X-Git-Url: https://git.puffer.fish/?a=commitdiff_plain;h=1d48383802af98683d6d92e3d7c143b830340673;p=mirror%2Ffrr.git pimd: Fix several address sanitizer issues This commit fixes two issues during pim shutdown. 1) The rp_info structure was being freed before the outgoing notifications that depended on it's information was sent out as part of shutdown. 2) The pim->upstream_list shutdown involved iterating over the list via ALL_LIST_ELEMENTS. This typically is enough but pim will auto delete child nodes as well as itself when it goes away and they depend on it. As such the node and nnode could possibly already have been freed. So change the way we look at all the data in the upstream_list Signed-off-by: Donald Sharp --- diff --git a/pimd/pim_instance.c b/pimd/pim_instance.c index bf8d05d1e1..c592a2c047 100644 --- a/pimd/pim_instance.c +++ b/pimd/pim_instance.c @@ -44,10 +44,10 @@ static void pim_instance_terminate(struct pim_instance *pim) if (pim->static_routes) list_delete_and_null(&pim->static_routes); - pim_rp_free(pim); - pim_upstream_terminate(pim); + pim_rp_free(pim); + /* Traverse and cleanup rpf_hash */ if (pim->rpf_hash) { hash_clean(pim->rpf_hash, (void *)pim_rp_list_hash_clean); diff --git a/pimd/pim_upstream.c b/pimd/pim_upstream.c index 0728c9490b..4adfde6775 100644 --- a/pimd/pim_upstream.c +++ b/pimd/pim_upstream.c @@ -1534,12 +1534,13 @@ unsigned int pim_upstream_hash_key(void *arg) void pim_upstream_terminate(struct pim_instance *pim) { - struct listnode *node, *nnode; struct pim_upstream *up; if (pim->upstream_list) { - for (ALL_LIST_ELEMENTS(pim->upstream_list, node, nnode, up)) + while (pim->upstream_list->count) { + up = listnode_head(pim->upstream_list); pim_upstream_del(pim, up, __PRETTY_FUNCTION__); + } list_delete_and_null(&pim->upstream_list); }